An alliance of mainly US-based stock traders and computer hackers in Ukraine made as much as US$100 million (A$137 million) in illegal profits over five years by stealing confidential corporate press releases, US authorities said on Tuesday.
The case marks the first time that US prosecutors have brought criminal charges for a securities fraud scheme that involved hacked inside information, in this instance 150,000 press releases from distributors Business Wire, Marketwired and PR Newswire.
"This is the story of a traditional securities fraud scheme with a twist - one that employed a contemporary approach to a conventional crime," FBI Assistant Director-in-Charge Diego Rodriguez said at a news conference.
Prosecutors said that hackers based in Ukraine infiltrated press releases before they were due to be released by the distributors. The traders gave the hackers "shopping lists" of releases, prosecutors said.
The hackers created a video tutorial to help traders see the stolen releases, and were paid a portion of the profits from trades based on the information in them, prosecutors said.
Nine people were indicted by grand juries in Brooklyn, New York, and in Newark, New Jersey, on charges that they made US$30 million in illegal profits starting around February 2010.
Five of the nine charged were arrested on Tuesday, prosecutors said. International arrest warrants were issued for the other four.
A parallel US Securities and Exchange Commission (SEC) civil lawsuit charged 17 people and 15 corporate entities and said that theft of inside information resulted in more than US$100 million in illegal profits.
The SEC said the network included traders in New York, Cyprus, France, Malta and Russia. The regulator said it seeks civil penalties and has already obtained a court-ordered freeze of assets.
Law enforcement officials have warned companies for years about securing their computer networks against hackers, whose victims over the past two years have included leading retailers and US government personnel.
"This case illustrates how cyber criminals and those who commit securities fraud are evolving and becoming more sophisticated," Paul Fishman, the US attorney for New Jersey, said at the news conference.
Fishman said the distributors, who were not charged with any wrongdoing, provided "fabulous cooperation" in the probe.
Business Wire, a unit of Warren Buffett's Berkshire Hathaway, said in a statement that it had hired a security firm to test its systems.
"Despite extreme vigilance and commitment, recent events illustrate that no one is immune to the highly sophisticated illegal cyber-intrusions that are plaguing every aspect of our society," the company said.
PR Newswire, a unit of UBM said it also takes security very seriously. Marketwired declined immediate comment.
Sensitive corporate news
The indictments said the news releases included sensitive corporate information such as financial results that would later become public. Foreign shell companies were used to share the money made from the insider trading, officials said.
"The traders were market-savvy, using equities, options and contracts for differences to maximise their profits," SEC Chair Mary Jo White said at the news conference.
Authorities said the scheme involved trades on such companies as Acme Packet, Align Technology, Caterpillar, Dealertrack Technologies, Dendreon Corp, Edwards Lifesciences, Hewlett-Packard, Home Depot and Panera Bread.
The indictment in Brooklyn charged four traders: Vitaly Korchevsky, 50, a former hedge fund manager from Pennsylvania; Vladislav Khalupsky, 45, of Brooklyn and Odessa, Ukraine; and Leonid Momotok, 47, and Alexander Garkusha, 47, of the US state of Georgia. The charges included securities fraud, wire fraud and money laundering conspiracy.